package interceptor;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;

import javax.servlet.http.HttpServletRequest;
import java.util.Map;

public class PermitInterceptor extends MethodFilterInterceptor {

    @Override
    protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
        ActionContext actionContext = actionInvocation.getInvocationContext();
        String name  = (String) actionContext.getSession().get("name");
        Map<String ,Object> map = (Map<String, Object>) actionContext.get("request");
        if (name==null){
            map.put("message","<a>name的值为空，跳转到登陆界面</a>");
            return "error";
        }else {
            //如果登陆不是admin，要进行添加和更新，那么提示没有权限,拿到所有  要过滤方法的名字
            String name1 =  actionInvocation.getProxy().getMethod().toLowerCase();
            /*if (!name.equals("admin") && (name1.startsWith("add")||name1.startsWith("update"))) {
                map.put("message","<a>对不起，你没有权限</a>");
                return "error";
            }*/
            /*关于add  和 update的进行限制操作*/
            if (!"admin".equals(name)){
                return "error";
            }else {
                  if (name1.startsWith("add")||name1.startsWith("update")){
                      map.put("message","你的权限不够呢，请联系管理员");
                      return "error";
                  }
            }
        }
        return actionInvocation.invoke();
    }
}
